Andris Atteka has discovered a bug which causes Google’s browser to crash when you type in a 16-character link and hit enter.
Clicking on the 16-character link, or even just putting your cursor over a 16-character link will crash Google’s browser.
Andris Atteka explained on his blog that you can easily trip up Chrome just by adding a null character in the URL string. His example was 26 characters long
Incase you want to try it yourself, fire up Chrome 45 (the latest stable version) or older and put this into your address bar:
http://a/%%30%30
Either your Chrome tab or the whole Chrome browser will crash.
Since the bug was only a local DoS issue, Mr. Atteka did not fall into the company’s bug bounty program which rewards security researchers for finding unsafe issues that affect the user’s security and privacy.
The good news is that the bug does not affect Chrome on Mac PCs or on Android smartphones.
Via VB
